Communicating by means of a mobile end device, for example a mobile telephone, over a mobile radio network (also designated as a PLMN [Public Land Mobile Network]) which is operated by a network operator (also designated as an MNO [Mobile Network Operator]) as a rule requires that the mobile end device is equipped with a security element for securely storing data that uniquely identify the user of the mobile end device vis-à-vis the mobile radio network. For example, in a mobile end device that is configured for communicating according to the GSM standard (Global System for Mobile Communications), which is currently one of the most widespread mobile radio standards, there is used a security element with the name SIM (Subscriber Identity Module) usually in the form of a chip card or smart card. According to the GSM standard, whose technical features are defined in a plurality of mutually linked and interdependent specifications, the SIM card contains subscription authorization data (“Subscription Credentials”) for identifying and authenticating the user or subscriber, including an IMSI (International Mobile Subscriber Identity) and an authentication key Ki. Before a subscriber is given his SIM card, said subscription authorization data are usually securely deposited on the SIM card as part of a subscription (also called the subscription profile) by the SIM-card manufacturer or network operator during a personalization process. A non-personalized SIM card is generally unsuitable for proper employment in a mobile end device, i.e. it is not possible to access a mobile radio network with a non-personalized SIM card without a subscription.
A certain area of application of security elements, such as SIM cards, UICCs, eUICCS, and the like, that in all probability will grow substantially in the near future is M2M communication (“machine-to-machine communication”), i.e. communication between machines over a mobile radio network without human interaction. In M2M communication, data can be automatically exchanged among numerous different kinds of machines which are equipped with a security element in the form of an M2M module, for example TV systems, set-top boxes, vending machines, vehicles, traffic lights, surveillance cameras, sensor apparatuses, and the like. It is foreseeable that at least with some of such apparatuses it will be impossible or at least very difficult to already furnish the security element with a subscription upon manufacture. This is due in particular to the fact that in many M2M apparatuses the security element is implemented in the form of a surface-mounted chip or chip module and at this time it is for example unclear in which country of the world a certain M2M apparatus will be used. Consequently, such M2M apparatuses with non-personalized security elements require the possibility of being furnished with a subscription via the over-the-air interface only upon use in the field.
For utilizing the services supplied by a mobile network operator, in particular communicating over the corresponding mobile radio network, the user of a mobile end device must as a rule pay a monthly fee. If the user wishes to change to another mobile network operator for example for lower monthly fees and/or better services, usually he must manually replace the SIM card supplied by the previous mobile network operator having the subscription for utilizing the mobile radio network of the previous mobile network operator by a SIM card supplied by the new mobile network operator having a subscription for utilizing the mobile radio network of the new mobile network operator. Instead of this conventional procedure, it would unquestionably be simpler and more convenient for the user to have a security element that can be “reprogrammed” by means of a new subscription via the over-the-air interface.
Such methods for downloading a subscription via the over-the-air interface from a server entity to a security element are known in principle from the prior art. Such conventional methods involve the problem, however, that a network operator downloading a subscription to a security element has as a rule no possibility of recognizing, much less determining, alongside which further subscriptions on the security element his subscription is used or can be used, which would be desirable in certain cases.
Against this background, the present invention is faced with the object of providing improved methods and apparatuses for managing a plurality of subscriptions on a security element for logging into a respective mobile radio network that are able to at least partly remedy the hereinabove described disadvantages.